In order to gain access to protected resources, users are often required to enter passwords in order to prove their identity. Different applications, accounts or other types of protected resources associated with a given user may each require entry of a distinct password, thereby necessitating that the user remember multiple such passwords in order to access the corresponding resources.
An alphanumeric password is often entered using a keyboard of a computer, mobile telephone or other type of processing device. Due to the large number of keys on a typical keyboard, the number of possible combinations is virtually endless, leading to high theoretical entropy. In practice, however, the effective entropy is much lower as users tend to pick weak alphanumeric passwords, such as common words or phrases. Moreover, due to the burden of remembering multiple alphanumeric passwords, a user will often write down the passwords or otherwise make them vulnerable to inadvertent disclosure.
Although graphical passwords are also known, conventional graphical passwords can also be very difficult to remember, again leading users to make poor password choices that provide inadequate security.
Accordingly, a need exists for authentication techniques that avoid the above-noted problems associated with use of conventional alphanumeric or graphical passwords.